REMARKS 

Applicants respectfully request reconsideration of the present application based on the 
following remarks. Claims 6-8 and 19-21 are rejected under the second paragraph of 35 U.S.C. 
§1 12 as allegedly indefinite, claims 1-5, 8-18 and 22-26 are rejected under 35 U.S.C. §102 as 
allegedly anticipated by U.S. Patent No. 6,678,821 to Waugh et al. ("Waugh") and claims 6-8 
and 19-21 are rejected under 35 U.S.C. §103 as allegedly unpatentable over Waugh in view of 
U.S. Patent No. 4,652,698 to Hale (" Hale ") and further in view of U.S. Patent No. 7,188,362 to 
Brandys (" Brandys "). Claims 27 and 28 were previously withdrawn as a result of a Restriction 
Requirement. Applicant traverses each and every rejection for at least the reasons set out below. 

The §112 Rejections 

The Office Action rejects claims 6 and 19 based on the Examiner's misapprehension that 
the claims contain an inconsistency. Specifically, the Examiner supposes that pre-enrollment 
keys need not be supplied to key generators since key generators generate pre-enrollment keys. 
However, this supposition derives from a mischaracterization of the claims. Claim 6 requires, 
inter alia, generating pre-enrollment keys for the user, supplying the pre-enrollment keys to 
respective key generators, and generating a final enrollment key for the user only if keys 
provided by a key administrator match the pre-enrollment keys supplied to the key generators, 
the key administrator being a person different than the key generators. According to the claim 
language, a precondition for generating a final enrollment key is that pre-enrollment keys 
provided to a key generator match keys provided by a key administrator who is not one of the 
key generators. This claim language is both internally consistent and lucid. The Examiner is 
directed to one example taken from the specification that maybe assist comprehension of the 
claim language: 

As shown in steps S502-1 and S502-2, two authorized employees 
(Key-Generator- 1 and Key-Generator-2) / (KG-1 and KG-2) from the 
service will access the enrollment process and provide the enrollment 
process with the user's identifying information. The enrollment process 
then generates respective pre-enrollment keys and communicates them to 
the employees. In one example, the pre-enrollment keys are unique and 
randomly generated alphanumeric strings. Preferably, KG-1 and KG-2 
will access the enrollment process separately to generate the pre- 
enrollment keys for every approved user/client. 

KG-1 and KG-2 will then forward the pre-enrollment keys to the Key 
Generator Administrator and Certifier (KGAC) for generating and 
approval of the final enrollment key. An authorized employee from the 

Luz Maria Soto et al. 8 010942-030451 3 / AWT-004 

701004374vl Response to Office Action 



organization will be the KG AC. After the KGAC has entered prospective 
user's identifying information, the enrollment process will prompt KGAC 
for the two pre-enrollment keys already generated for the user. If this 
information is correct, the enrollment process will produce the final 
enrollment key, and if required, can further require a biometric signature 
to be supplied by the KGAC (S504). In one example, a proprietary 
program is used to generate the final enrollment key. 

Specification , pl8, lines 3-17. It is apparent that this passage provides an example in which KG- 

1 can supply pre-enrollment keys to a key generator (KGAC) who would generate a final 

enrollment key for the user only if the keys provided KG-2 match the pre-enrollment keys 

supplied by KG-1. Having considered this example, other examples provided in the 

Specification will be readily appreciated. Therefore, Applicants respectfully submit that the 

§112 rejections of claims 6 and 19 are improper and should be withdrawn. 

The Office Action also rejects claim 7 and 20 apparently for the reason that the term 

"comparison" does not specify an object to which a final enrollment key is compared. 

Applicants disagree with the characterization of the claim language because comparison is a 

noun and does not require specification of the compared objects. Applicants have nevertheless 

amended the claims to require verifying registration of the user in accordance with a validation 

of the final enrollment key. It will be appreciated that one form of validation may be obtained by 

comparing a presented object with a known object to obtain a comparison of the presented 

object. Applicants submit that the amendments are fully supported in the Specification and 

Drawings, do not add new subject matter to the application and render moot the §1 12 rejections 

of claims 7 and 20. 

Claim Rejections under 35 U.S.C. §102 

Applicants respectfully traverse the §102 rejections of the claims for at least the reason 

that Waugh does not teach every aspect of the claimed inventions either explicitly or impliedly. 

A cited prior art reference anticipates a claimed invention under 35 U.S.C. §102 only if every 

element of the claimed invention is identically shown in the single reference, arranged as they 

are in the claims. MPEP §2131; In re Bond, 910 F.2d 831, 832, 15 USPQ2d 1566, 1567 (Fed. 

Cir. 1990). Waugh does not disclose each and every element of the claims arranged as they are 

in the claims. 

More specifically, and with particular regard to claims 1 and 14, Waugh does not teach, 
inter alia, sending the collected biometric sample from the client to the authentication server and 
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comparing, at the authentication server, the biometric sample to a biometric template associated 

with the user. Instead, Waugh explicitly teaches downloading an ID template to a client 

computer (see Waugh col. 3, line 44 - col. 4, line 3), obtaining a fingerprint at the client 

computer, comparing the fingerprint with the template at the client computer and transferring a 

digital code between modules on the client computer if a match is found. These teachings are 

found in the Waugh specification and drawings as cited by the Examiner: 

In order to use his private key to encrypt the message stored in the 
message storage module 40, the user downloads his ID template 801 from 
the ID template server in step 102. This ID template 801 is then stored in 
the 10 template storage module 42. As discussed above the ID template 
801 includes a biometric standard 82 and a digital identifier 84. The 
biometric standard 82 is a record of a previously measured physical 
attribute of the user. Typically, this physical attribute would be a finger 
print, but could also be some other physical attribute, such as a voice print 
of a voice. 

In step 104, the same physical feature as is recorded in the biometric 
standard 82 is measured by a biometric device to obtain a measured 
biometric value. In the embodiment of FIG. 1, the first biometric device 
24 reads the fingerprint from the finger 36 of the first user in step 104. 
Then, in step 106, the biometric value comparison module 44 compares 
the biometric standard 82 stored on the ID template storage module 42 
with the measured biometric value obtained by the biometric device 24 
and stored in the measured biometric value storage module 50g. If there is 
a sufficient correspondence between the two biometric values, then the 
biometric value comparison module 44 instructs the ID template storage 
module 421 to send the digital identifier 88 to the key control module 46. 
Specification , col. 5, lines 3-26 and see Waugh Figs. 1-2. Waugh expressly teaches that 
biometric readings are compared with previously recorded values in its client computer 22. See 
Waugh, Fig. 2 and col. 3, line 44 - col. 4, line 3. Consequently, the rejections of claims 1 and 14 
and every claim which depends from claim 1 or claim 14 are founded on a misconception of the 
teachings of Waugh . In fact, the Waugh -taught process operates in an opposite manner to the 
claimed inventions and therefore teaches away from the claims. Specifically, the Office Action 
asserts that Waugh teaches sending a collected biometric sample to an authentication server and 
comparing the sample at the authentication server when Waugh explicitly teaches sending an ID 
template to a client computer and comparing a fingerprint collected at the client computer with 
the ID template on the client computer. 

Therefore, Applicants submit that the rejections of claims 1 and 14 are improper and 
Applicants request withdrawal of those rejections. 
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Each of claims 2-13 and 15-26 ultimately depend from claim 1 or claim 14 and are 
allowable for at least the reasons claims 1 and 14 are allowable. Applicants submit that, given 
the degree of difference between the teachings of Waugh and the independent claims, the other 
deficiencies in claims 1 and 14 and their dependent claims need no further comment. Applicants 
note, for example, that each of claims 9-1 1 and 22-24 further limits its respective independent - 
claim by specifying certain required attributes associated with sending a collected biometric 
sample from a client to an authentication server. Waugh does not teach sending a collected 
biometric sample from a client to an authentication server, but expressly teaches an opposite 
process of sending a biometric template to a client computer for comparison with a fingerprint 
obtained at the client computer. Consequently, it is improper to assert that Waugh teaches all 
elements as arranged in the claims of the present application. Therefore, for at least the reasons 
provided above, the §102 rejections of claims 2-5, 9-13, 15-18 and 22-26 are improper and these 
rejections should also be withdrawn. 

Claim Rejections under 35 U.S.C. §103 

The §103 rejections of claims 6-8 and 19-21 should be withdrawn for at least the reason 
that Hale and Brandvs do not cure the deficiencies of Waugh discussed above and, consequently, 
no combination of the cited art teaches all elements of claims 6-8 and 19-21. 

Furthermore, as cited, Hale and Brandys do not teach or suggest the elements 
acknowledged to be absent from Waugh , and Hale and Brandvs do not teach certain elements 
and limitations of the claims as alleged by the Office Action. For example, the Office Action 
proposes that Hale 's Abstract teaches: generating pre-enrollment keys; supplying pre-enrollment 
keys to plural key generators; generating a final enrollment key for the user only if keys provided 
by a key administrator match the pre-enrollment keys supplied to the key generators, the key 
administrator being a person different than the key generators; and verifying registration of the 
user in accordance with a validation of the final enrollment key. The Abstract of Hale does not 
teach any of these elements. Indeed, Hale never teaches or refers to keys (other than keyboard 
keys), key generators, key generation, key administrators, pre-enrollment or enrollment. The 
support offered by the Office Action does not identify the elements alleged to be present with 
particularity and the rejections are consequently so vague that they preclude cogent argument. 
Simply put, nothing in Hale bears sufficient resemblance to the limitations of the claims or the 
subject matter of the present Application to warrant direct argument. 
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The citations to Brandys are equally vague and irrelevant. The Office Action alleges that 
Brandys teaches creating the biometric template for a user only if registration is verified, 
generating a private key only if the biometric template is successfully created and associating 
user identification information with the final enrollment key. However, not only are these 
claimed steps not taught or suggested in Brandys, but no step bearing even a superficial 
resemblance to any of these claimed steps can be found in the reference. The recited order and 
preconditions recited in the claims are not described or suggested in relation to any other feature 
of Brandys . A few of the words used in the claims of the present invention can be found 
scattered in unconnected fashion throughout Brandys , but the construction of the Brandys 
teachings proposed in the Office Action is both arbitrary and fanciful and is apparently rooted in 
an unrestrained and improper application of hindsight. 

Therefore, for at least these reasons, the §103 rejections should be withdrawn. 

CONCLUSION 

All objections and rejections having been addressed, and in view of the foregoing, the 
claims are believed to be in form for allowance, and such action is hereby solicited. The 
Examiner is kindly requested to contact the undersigned at the telephone number listed below if 
any points remain in issue which may best be resolved through a personal or telephone interview. 

Please charge any fees associated with the submission of this paper to Deposit Account 
Number 033975. The Commissioner for Patents is also authorized to credit any over payments 
to the above-referenced Deposit Account. 



Respectfully submitted, 

PILLSBURY WINTHROP SHAW PITTMAN LLP 

Date: February 29, 2008 jd^k. Q^fJ^ 55,636 

Anthony G. Smyth (Reg. No.) 

Telephone: (650) 233-4802 

Please reply to Customer No. 27,498 
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